Lumension® Endpoint Intelligence Center


Overview

Vulnerability Score 4.3
CVE Id CVE-2007-3385
Last Modified 20 Apr 2011 09:55:53
Published 14 Aug 2007 06:17:00
Confidentiality Impact PARTIAL
Integrity Impact NONE
Availability Impact NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2007-3385

Summary

Apache Tomcat 6.0.0 to 6.0.13, 5.5.0 to 5.5.24, 5.0.0 to 5.0.30, 4.1.0 to 4.1.36, and 3.3 to 3.3.2 does not properly handle the \" character sequence in a cookie value, which might cause sensitive information such as session IDs to be leaked to remote attackers and enable session hijacking attacks.

Vulnerable Systems

Application

  • Apache Tomcat 3.3
  • Apache Tomcat 3.3.1
  • Apache Tomcat 3.3.1a
  • Apache Tomcat 3.3.2
  • Apache Tomcat 4.1.0
  • Apache Tomcat 4.1.1
  • Apache Tomcat 4.1.2
  • Apache Tomcat 4.1.3
  • Apache Tomcat 4.1.9
  • Apache Tomcat 4.1.10
  • Apache Tomcat 4.1.15
  • Apache Tomcat 4.1.24
  • Apache Tomcat 4.1.28
  • Apache Tomcat 4.1.31
  • Apache Tomcat 4.1.36
  • Apache Tomcat 5.0.0
  • Apache Tomcat 5.0.1
  • Apache Tomcat 5.0.2
  • Apache Tomcat 5.0.3
  • Apache Tomcat 5.0.4
  • Apache Tomcat 5.0.5
  • Apache Tomcat 5.0.6
  • Apache Tomcat 5.0.7
  • Apache Tomcat 5.0.8
  • Apache Tomcat 5.0.9
  • Apache Tomcat 5.0.10
  • Apache Tomcat 5.0.11
  • Apache Tomcat 5.0.12
  • Apache Tomcat 5.0.13
  • Apache Tomcat 5.0.14
  • Apache Tomcat 5.0.15
  • Apache Tomcat 5.0.16
  • Apache Tomcat 5.0.17
  • Apache Tomcat 5.0.18
  • Apache Tomcat 5.0.19
  • Apache Tomcat 5.0.21
  • Apache Tomcat 5.0.22
  • Apache Tomcat 5.0.23
  • Apache Tomcat 5.0.24
  • Apache Tomcat 5.0.25
  • Apache Tomcat 5.0.26
  • Apache Tomcat 5.0.27
  • Apache Tomcat 5.0.28
  • Apache Tomcat 5.0.29
  • Apache Tomcat 5.0.30
  • Apache Tomcat 5.5.0
  • Apache Tomcat 5.5.1
  • Apache Tomcat 5.5.2
  • Apache Tomcat 5.5.3
  • Apache Tomcat 5.5.4
  • Apache Tomcat 5.5.5
  • Apache Tomcat 5.5.6
  • Apache Tomcat 5.5.7
  • Apache Tomcat 5.5.8
  • Apache Tomcat 5.5.9
  • Apache Tomcat 5.5.10
  • Apache Tomcat 5.5.11
  • Apache Tomcat 5.5.12
  • Apache Tomcat 5.5.13
  • Apache Tomcat 5.5.14
  • Apache Tomcat 5.5.15
  • Apache Tomcat 5.5.16
  • Apache Tomcat 5.5.17
  • Apache Tomcat 5.5.18
  • Apache Tomcat 5.5.19
  • Apache Tomcat 5.5.20
  • Apache Tomcat 5.5.21
  • Apache Tomcat 5.5.22
  • Apache Tomcat 5.5.23
  • Apache Tomcat 5.5.24
  • Apache Tomcat 6.0.0
  • Apache Tomcat 6.0.1
  • Apache Tomcat 6.0.2
  • Apache Tomcat 6.0.3
  • Apache Tomcat 6.0.4
  • Apache Tomcat 6.0.5
  • Apache Tomcat 6.0.6
  • Apache Tomcat 6.0.7
  • Apache Tomcat 6.0.8
  • Apache Tomcat 6.0.9
  • Apache Tomcat 6.0.10
  • Apache Tomcat 6.0.11
  • Apache Tomcat 6.0.12
  • Apache Tomcat 6.0.13


References

CERT-VN - VU#993544
BUGTRAQ - 20070814 CVE-2007-3385: Handling of \" in cookies
VUPEN - ADV-2009-0233
VUPEN - ADV-2008-1981
VUPEN - ADV-2007-3527
VUPEN - ADV-2007-3386
VUPEN - ADV-2007-2902
BUGTRAQ - 20090127 CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities (Updated - v1.1)
BUGTRAQ - 20090124 CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities
AIXAPAR - IZ55562
CONFIRM - http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540
CONFIRM - http://support.apple.com/kb/HT2163
SECUNIA - 44183
SECUNIA - 36486
SECUNIA - 33668
SECUNIA - 30802
SUSE - SUSE-SR:2009:004
APPLE - APPLE-SA-2008-06-30
HP - SSRT071472
HP - SSRT071447
CONFIRM - http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx
FEDORA - FEDORA-2007-3456
XF - tomcat-slashcookie-information-disclosure(35999)
BID - 25316
REDHAT - RHSA-2008:0261
REDHAT - RHSA-2008:0195
REDHAT - RHSA-2007:0950
REDHAT - RHSA-2007:0871
MANDRIVA - MDKSA-2007:241
DEBIAN - DSA-1453
DEBIAN - DSA-1447
CONFIRM - http://tomcat.apache.org/security-6.html
SECTRACK - 1018557
SREASON - 3011
SECUNIA - 29242
SECUNIA - 28361
SECUNIA - 28317
SECUNIA - 27727
SECUNIA - 27267
SECUNIA - 27037
SECUNIA - 26898
SECUNIA - 26466
SUSE - SUSE-SR:2008:005
HP - HPSBUX02262
HP - HPSBTU02276

Related Patches

Apple 2008-06-30 Security Update 2008-004 (PPC)
Apple 2008-06-30 Security Update 2008-004 Server (PPC)
Apple 2008-06-30 Security Update 2008-004 (Intel)
Apple 2008-06-30 Security Update 2008-004 Server (Intel)


Last Updated: 27 May 2016 11:02:30